Cyber News & Articles

The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024.
The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.”
“It could upload files, capture screenshots

Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information.
“These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations,” Google said. “And more phone calling scammers are using spoofing techniques to hide their real

Have you had a phone call from police about your cryptocurrency wallet?

Be on your guard – you could be about to be scammed.

Read more in my article on the Hot for Security blog.

The threat actor known as Lotus Panda has been observed targeting government, manufacturing, telecommunications, and media sectors in the Philippines, Vietnam, Hong Kong, and Taiwan with updated versions of a known backdoor called Sagerunex.
“Lotus Blossom has been using the Sagerunex backdoor since at least 2016 and is increasingly employing long-term persistence command shells and developing

The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identity—the gateway to enterprise security and the number one attack vector

Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems.
“The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers

Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS.
“Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing them to execute

In episode 40 of the AI Fix, Graham meets a shape-shifting GOAT, a robot dog gets wet, Mark likes Claude 3.7 Sonnet, OpenAI releases its dullest model yet, Grok 3 needs to go home and have a lie down, and everyone loses their minds over two AI agents booking a hotel room using 90s-era modem dial-up sounds.

Graham tells the incredible story of a woman whose life was saved after ChatGPT told her to go to the emergency room, stat! And Mark explains how just a little negativity made GPT-4o bad to the bone.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.
The list of vulnerabilities is as follows –

CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with

It’s been a confusing few days in the world of American cybersecurity…

Read more in my article on the Hot for Security blog.